Malicious Network Traffic Detection via Deep Learning: An Information Theoretic View
From MaRDI portal
Publication:6349247
arXiv2009.07753MaRDI QIDQ6349247
Author name not available (Why is that?)
Publication date: 16 September 2020
Abstract: The attention that deep learning has garnered from the academic community and industry continues to grow year over year, and it has been said that we are in a new golden age of artificial intelligence research. However, neural networks are still often seen as a "black box" where learning occurs but cannot be understood in a human-interpretable way. Since these machine learning systems are increasingly being adopted in security contexts, it is important to explore these interpretations. We consider an Android malware traffic dataset for approaching this problem. Then, using the information plane, we explore how homeomorphism affects learned representation of the data and the invariance of the mutual information captured by the parameters on that data. We empirically validate these results, using accuracy as a second measure of similarity of learned representations. Our results suggest that although the details of learned representations and the specific coordinate system defined over the manifold of all parameters differ slightly, the functional approximations are the same. Furthermore, our results show that since mutual information remains invariant under homeomorphism, only feature engineering methods that alter the entropy of the dataset will change the outcome of the neural network. This means that for some datasets and tasks, neural networks require meaningful, human-driven feature engineering or changes in architecture to provide enough information for the neural network to generate a sufficient statistic. Applying our results can serve to guide analysis methods for machine learning engineers and suggests that neural networks that can exploit the convolution theorem are equally accurate as standard convolutional neural networks, and can be more computationally efficient.
Has companion code repository: https://github.com/erickgalinkin/jhu_masters
This page was built for publication: Malicious Network Traffic Detection via Deep Learning: An Information Theoretic View
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q6349247)
